Paypal & Stripe Add-on Security Vulnerabilities and Issues — Paypal & Stripe Add-on CVE List

Lucene search

WppluginPaypal & Stripe Add-on

4 matches found

CVE•added 2024/02/28 10:15 a.m.•75 views

CVE-2024-1719

The Easy PayPal & Stripe Buy Now Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.3 and in Contact Form 7 – PayPal & Stripe Add-on all versions up to, and including 2.1. This is due to missing or incorrect nonce validation on the 'wpe...

4.3CVSS5.2AI score0.00112EPSS

CVE•added 2024/03/19 2:15 p.m.•58 views

CVE-2024-29130

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Contact Form 7 – PayPal & Stripe Add-on allows Reflected XSS.This issue affects Contact Form 7 – PayPal & Stripe Add-on: from n/a through 2.0.

7.1CVSS7.1AI score0.00119EPSS

CVE•added 2024/11/09 7:15 a.m.•36 views

CVE-2024-10683

The Contact Form 7 – PayPal & Stripe Add-on plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.3.1. This makes it possible for unauthenticated attacke...

6.1CVSS6AI score0.00222EPSS

CVE•added 2023/07/10 4:15 p.m.•20 views

CVE-2023-24405

Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Contact Form 7 – PayPal & Stripe Add-on plugin

8.8CVSS7.1AI score0.00051EPSS